Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/afa1ee-8d80-4d5a-a739-c612a70abb42/1/2NktiKibbqlkp_IPB-Q4_RES45Q.roa
File: 2NktiKibbqlkp_IPB-Q4_RES45Q.roa (raw, json)
Hash identifier: nHUNxsYMB1Ljqi8eAkz9VxR3WY53Q0eItn+Ma07hD1o=
Subject key identifier: D8:D9:2D:88:A8:9B:6E:A9:64:A7:F2:0F:07:E4:38:FD:11:12:E3:94
Certificate issuer: /CN=578041152df80f6e531342663dd003109905084f
Certificate serial: 018CC26D04B1E671D64B2096F40926E7D102
Authority key identifier: 57:80:41:15:2D:F8:0F:6E:53:13:42:66:3D:D0:03:10:99:05:08:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V4BBFS34D25TE0JmPdADEJkFCE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/afa1ee-8d80-4d5a-a739-c612a70abb42/1/2NktiKibbqlkp_IPB-Q4_RES45Q.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202182
IP address blocks: 45.153.90.0/24 maxlen: 24
2a13:9c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:04:b1:e6:71:d6:4b:20:96:f4:09:26:e7:d1:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=578041152df80f6e531342663dd003109905084f
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8d92d88a89b6ea964a7f20f07e438fd1112e394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f5:77:c0:ab:73:ea:67:49:7e:40:b6:aa:06:
c6:5f:c5:80:d6:ff:4b:0b:49:a8:53:78:2b:05:43:
11:9e:de:80:b3:c4:85:3d:ff:a3:97:05:eb:86:da:
0c:f0:44:ba:a3:91:9e:55:26:15:10:68:38:0a:09:
b8:ed:a2:76:47:cb:ad:6e:c4:cd:37:33:85:d0:7e:
35:3d:0d:31:09:0b:5a:94:93:14:6c:5c:ca:49:18:
d0:9f:e4:20:53:7c:f6:d7:61:4a:d5:2d:68:1b:ae:
47:46:35:1f:f5:f1:66:10:f3:7e:84:ac:00:74:45:
5a:b9:3f:bd:cb:8f:c0:00:1a:b4:15:08:07:5b:98:
ac:2e:8a:c2:d0:30:be:3e:8a:f3:32:ca:61:c2:c5:
6b:d6:88:a5:c7:cb:32:58:4b:16:2d:76:90:a9:5c:
f1:65:ad:5e:d5:5b:d6:53:80:37:77:64:57:16:e4:
ca:c2:ec:f0:00:2c:0a:0f:8d:4d:79:ed:79:f6:e6:
9d:9b:2c:b6:40:66:13:0f:64:6e:2f:86:ca:5c:b9:
28:c3:3c:f6:e3:65:18:01:e2:a1:98:e6:90:31:78:
cb:a8:7e:2c:35:b8:90:21:ba:1d:25:d5:d0:69:7b:
25:4f:03:5b:cc:ca:8c:19:0d:0b:45:ac:ab:fd:57:
96:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D9:2D:88:A8:9B:6E:A9:64:A7:F2:0F:07:E4:38:FD:11:12:E3:94
X509v3 Authority Key Identifier:
keyid:57:80:41:15:2D:F8:0F:6E:53:13:42:66:3D:D0:03:10:99:05:08:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V4BBFS34D25TE0JmPdADEJkFCE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afa1ee-8d80-4d5a-a739-c612a70abb42/1/2NktiKibbqlkp_IPB-Q4_RES45Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/afa1ee-8d80-4d5a-a739-c612a70abb42/1/V4BBFS34D25TE0JmPdADEJkFCE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.90.0/24
IPv6:
2a13:9c0::/48
Signature Algorithm: sha256WithRSAEncryption
a6:27:16:5a:d9:df:36:e4:cf:fb:84:2d:b8:c2:b0:e4:de:7c:
5e:f2:49:c6:70:03:f7:cf:f9:56:27:61:e6:2a:1a:6c:e2:f5:
c9:73:a9:00:ca:05:01:1f:df:bf:16:1f:95:c7:76:85:d1:6e:
e1:b9:40:2c:12:ae:87:59:e8:31:48:13:94:a3:78:be:d6:b7:
c6:e0:39:b3:a3:d4:05:d2:27:69:cf:49:69:4a:34:c5:98:48:
c8:56:bb:38:a5:67:50:fe:17:ef:6a:04:ee:9d:e4:7a:3f:7a:
3d:56:bc:ab:28:17:91:f4:e4:2e:2d:2c:68:25:27:16:80:4f:
61:e0:5f:ce:6a:4c:d6:42:06:d5:2a:13:82:da:37:c5:be:a0:
ff:be:32:70:f8:69:f7:79:fc:57:4c:93:04:78:ca:90:0d:e5:
7c:7f:5a:80:dc:bc:0d:84:c9:e2:66:b0:bd:32:1e:90:e9:e0:
a7:c1:69:da:84:1b:0f:8e:45:68:dc:2e:0f:d1:48:32:ca:75:
1b:3d:0c:60:b0:76:0d:fc:e9:18:b4:b1:c1:6c:a1:b2:b4:14:
05:c2:9d:58:78:1d:54:33:87:21:ee:5e:25:56:9a:bb:42:84:
80:dc:6a:81:0e:34:d7:1b:34:ab:3c:75:f0:f5:1c:67:e2:e2:
8b:49:bd:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbQSx5nHWSyCW9Akm59ECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ODA0MTE1MmRmODBmNmU1MzEzNDI2NjNkZDAwMzEwOTkw
NTA4NGYwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQ5MmQ4OGE4OWI2ZWE5NjRhN2YyMGYwN2U0MzhmZDExMTJlMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPV3wKtz6mdJfkC2qgbGX8WA1v9L
C0moU3grBUMRnt6As8SFPf+jlwXrhtoM8ES6o5GeVSYVEGg4Cgm47aJ2R8utbsTN
NzOF0H41PQ0xCQtalJMUbFzKSRjQn+QgU3z212FK1S1oG65HRjUf9fFmEPN+hKwA
dEVauT+9y4/AABq0FQgHW5isLorC0DC+PorzMsphwsVr1oilx8syWEsWLXaQqVzx
Za1e1VvWU4A3d2RXFuTKwuzwACwKD41Nee159uadmyy2QGYTD2RuL4bKXLkowzz2
42UYAeKhmOaQMXjLqH4sNbiQIbodJdXQaXslTwNbzMqMGQ0LRayr/VeWawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNjZLYiom26pZKfyDwfkOP0REuOUMB8GA1UdIwQY
MBaAFFeAQRUt+A9uUxNCZj3QAxCZBQhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjRCQkZTMzREMjVURTBKbVBkQURFSmtGQ0U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hZmExZWUtOGQ4MC00ZDVhLWE3Mzkt
YzYxMmE3MGFiYjQyLzEvMk5rdGlLaWJicWxrcF9JUEItUTRfUkVTNDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hZmExZWUtOGQ4MC00ZDVhLWE3MzktYzYxMmE3MGFiYjQy
LzEvVjRCQkZTMzREMjVURTBKbVBkQURFSmtGQ0U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZlaMA8E
AgACMAkDBwAqEwnAAAAwDQYJKoZIhvcNAQELBQADggEBAKYnFlrZ3zbkz/uELbjC
sOTefF7yScZwA/fP+VYnYeYqGmzi9clzqQDKBQEf378WH5XHdoXRbuG5QCwSrodZ
6DFIE5SjeL7Wt8bgObOj1AXSJ2nPSWlKNMWYSMhWuzilZ1D+F+9qBO6d5Ho/ej1W
vKsoF5H05C4tLGglJxaAT2HgX85qTNZCBtUqE4LaN8W+oP++MnD4afd5/FdMkwR4
ypAN5Xx/WoDcvA2EyeJmsL0yHpDp4KfBadqEGw+ORWjcLg/RSDLKdRs9DGCwdg38
6Ri0scFsobK0FAXCnVh4HVQzhyHuXiVWmrtChIDcaoEONNcbNKs8dfD1HGfi4otJ
vbQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:09:11 2025 by rpki-client